Chat now with support
Chat with Support

Foglight for Infrastructure 5.9.7 - User Guide

Using Foglight for Infrastructure Monitoring log files with Foglight Log Monitor Monitoring IBM PowerVM environments
Before you begin Managing PowerVM HMC agents Monitoring your PowerVM environment
Advanced system configuration and troubleshooting Reference
Foglight for Infrastructure views Foglight Log Monitor views Rules Metrics
Appendix: Building regular expressions in Foglight

Record Transformations

The Record Transformations properties allow you to transform any log message before it is sent to the Management Server. This could be used to add extra information or to remove sensitive information from a log record.

Record Transformations: A list of record transformations that the agents must use in conjunction with the match patterns to convert any log messages. When no transformation is specified, the log record is transmitted to the Management Server without changes.
RegEx Record Transformation Pattern: A regular expression that the agent uses to look for specific text in the collected log record.
Record Transformation: The replacement text that the agent uses in the log record to be transmitted to the Management Server.

Data Collection Scheduler

The Datacenter Collection Scheduler agent properties specify the data frequency settings the agent uses to read monitored log files.

Collector Config: A list containing the data collectors the agent uses. Each entry in the list includes the following columns:
Collector Name: The name of the collector the agent uses to gather data.
Default Collection Interval: The number of milliseconds, seconds, minutes, hours, or days during which the agent collects data.
Time Unit: The time unit associated with the Default Collection Interval.
Fast-Mode Collection Interval: The number of milliseconds, seconds, minutes, hours, or days during which the agent collects data when working in the fast collection mode.
Fast-Mode Time Unit: The time unit associated with the Fast-Mode Collection Interval.
Fast-Mode Max Count: The maximum number of the times the agent can stay in fast collection mode.

FileLogMonitor configuration example

This example provides the configuration settings for monitoring the FglAM log files on a UNIX® system for WARN and ERROR records. The FglAM log files are located in the /home/user/FglAM/state/default/logs folder. FglAM log records have a date at the beginning of each record that look like this:

This format can be set as the regular expression for the record separator.

Monitored Hosts

Hosts

Host

host.domain.com

 

 

Host name override

(optional)

 

 

Host Type

UNIX

 

 

SSH Port

22

 

 

Operation Timeout

60000

 

 

Collect System ID

 

 

 

Remote Collector Executable

(optional)

 

 

Secure Launcher

(optional)

Log Files

Log Files

Directory

/home/user/FglAM/state/default/logs

 

 

Filename Pattern

FglAM_*\\.log$

 

 

File Format Name

 

 

Patterns

RegEx Match Patterns

WARN

ERROR

 

 

Match Severity

 

 

 

Tags

 

 

Exclude Records

RegEx Record Exclude Pattern

WARN

ERROR

 

 

RegEx File Exclude Pattern

C:\temp.log | D:\temp.txt

C:\apache\logs\FglAM.*.log|Test.*.log

 

 

Exclude Enable

 

File Formats

File Formats

Name

 

 

 

Max Record Size

1024

 

 

New Line Policy

ANYCRLF

 

 

Rollover Policy

NEW

 

 

Record Separator RegEx

^\\d{4}-\\d{2}-\\d{2} \\d{2}:\\d{2}:\\d{2}\\.\\d{3}

 

 

Character Set

UTF-8

 

 

Maximum Match Count

200

 

 

Max Processing Time(s)

120

Record Transformations

Record Transformations

RegEx Record Transformation Pattern

(optional)

 

 

Record Transformation

(optional)

Data Collection Scheduler

Collector Config

Collector Name

(default)

 

 

Default Collection Interval

(default)

 

 

Time Unit

(default)

 

 

Fast-Mode Collection Interval

(default)

 

 

Fast-Mode Time Unit

(default)

 

 

Fast-Mode Max Count

(default)

This example only shows one scan, but the scan can be performed multiple times at regular intervals since more records can be added to the log files over time.

Configuring Windows Event Log Monitor agent properties

The Windows Event Log Monitor Agent collects information from Windows Event Log files. This agent expands the functionality of the Windows Agent, also included with Foglight for Infrastructure. However, while the Windows Agent can collect information only from Windows Logs and those Application and Service Logs that are accessible through WMI or WinRM, the Windows Event Log Monitor Agent can monitor both Windows Logs and any Application and Service Logs, including the Microsoft Application and Services Logs, available on some newer Microsoft Windows versions.

For more information about the Windows Agent, see the Managing Infrastructure User and Reference Guide.

This agent includes the following groups of agent properties:

For a configuration example, see WindowsEventLogMonitor configuration example.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating